Deactivate automatic root zone fetching
Automatic maintained root zone is great for network resolvers, which are used by multiple machines. Its usage on every common device is not desired however, especially when used as localhost only cache daemon. Make it simple to activate local root zone by creating symlink in directory /etc/unbound/conf.d to /usr/share/unbound/conf.d/unbound-local-root.conf. But have it deactivated in default configuration. Resolves: RHEL-77614
This commit is contained in:
Tomas Korbar
parent
b28b38c26e
commit
31ef264918
@ -471,56 +471,6 @@ index 0368c8d..5873db5 100644
|
||||
|
||||
# Authority zones
|
||||
# The data for these zones is kept locally, from a file or downloaded.
|
||||
@@ -1188,27 +1241,28 @@ remote-control:
|
||||
# download it), primary: fetches with AXFR and IXFR, or url to zonefile.
|
||||
# With allow-notify: you can give additional (apart from primaries and urls)
|
||||
# sources of notifies.
|
||||
-# auth-zone:
|
||||
-# name: "."
|
||||
-# primary: 170.247.170.2 # b.root-servers.net
|
||||
-# primary: 192.33.4.12 # c.root-servers.net
|
||||
-# primary: 199.7.91.13 # d.root-servers.net
|
||||
-# primary: 192.5.5.241 # f.root-servers.net
|
||||
-# primary: 192.112.36.4 # g.root-servers.net
|
||||
-# primary: 193.0.14.129 # k.root-servers.net
|
||||
-# primary: 192.0.47.132 # xfr.cjr.dns.icann.org
|
||||
-# primary: 192.0.32.132 # xfr.lax.dns.icann.org
|
||||
-# primary: 2801:1b8:10::b # b.root-servers.net
|
||||
-# primary: 2001:500:2::c # c.root-servers.net
|
||||
-# primary: 2001:500:2d::d # d.root-servers.net
|
||||
-# primary: 2001:500:2f::f # f.root-servers.net
|
||||
-# primary: 2001:500:12::d0d # g.root-servers.net
|
||||
-# primary: 2001:7fd::1 # k.root-servers.net
|
||||
-# primary: 2620:0:2830:202::132 # xfr.cjr.dns.icann.org
|
||||
-# primary: 2620:0:2d0:202::132 # xfr.lax.dns.icann.org
|
||||
-# fallback-enabled: yes
|
||||
-# for-downstream: no
|
||||
-# for-upstream: yes
|
||||
+auth-zone:
|
||||
+ name: "."
|
||||
+ primary: 170.247.170.2 # b.root-servers.net
|
||||
+ primary: 192.33.4.12 # c.root-servers.net
|
||||
+ primary: 199.7.91.13 # d.root-servers.net
|
||||
+ primary: 192.5.5.241 # f.root-servers.net
|
||||
+ primary: 192.112.36.4 # g.root-servers.net
|
||||
+ primary: 193.0.14.129 # k.root-servers.net
|
||||
+ primary: 192.0.47.132 # xfr.cjr.dns.icann.org
|
||||
+ primary: 192.0.32.132 # xfr.lax.dns.icann.org
|
||||
+ primary: 2801:1b8:10::b # b.root-servers.net
|
||||
+ primary: 2001:500:2::c # c.root-servers.net
|
||||
+ primary: 2001:500:2d::d # d.root-servers.net
|
||||
+ primary: 2001:500:2f::f # f.root-servers.net
|
||||
+ primary: 2001:500:12::d0d # g.root-servers.net
|
||||
+ primary: 2001:7fd::1 # k.root-servers.net
|
||||
+ primary: 2620:0:2830:202::132 # xfr.cjr.dns.icann.org
|
||||
+ primary: 2620:0:2d0:202::132 # xfr.lax.dns.icann.org
|
||||
+ fallback-enabled: yes
|
||||
+ for-downstream: no
|
||||
+ for-upstream: yes
|
||||
+
|
||||
# auth-zone:
|
||||
# name: "example.org"
|
||||
# for-downstream: yes
|
||||
@@ -1234,6 +1288,9 @@ remote-control:
|
||||
# name: "anotherview"
|
||||
# local-zone: "example.com" refuse
|
||||
|
||||
Loading…
Reference in New Issue
Block a user